
Latest news about information security vulnerabilities, threats, incidents and events


Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.

You can get evidence of this fact from the news below.

Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.




Uganda election: Bobi Wine 'fearful for life' after Museveni win

Uganda's general election. 16 January 2021 5.85 million votes were won by Yoweri Museveni, according to the Electoral Commission. 3.48 million votes were won by Bobi Wine, his main rival, the commission said...
More details.

Posted on 17 January 2021 9:28 am


UK Police mistakenly deleted 150,000 arrest records in software glitch

Reportedly, a software glitch wiped DNA and fingerprint data from the police computer. The UK government has acknowledged that a technical glitch resulted in the accidental deletion of 150,000 arrest records from police databases across the country...
More details.

Posted on 17 January 2021 5:31 am


Parler CEO goes into hiding blaming Amazon flak, death threats

WASHINGTON: The chief executive officer of Parler LLC says he’s gone into hiding after receiving death threats. John Matze Jr’s social media platform was briefly the new home to conservative supporters of Donald Trump who flocked to it after Twitter banned the president...
More details.

Posted on 17 January 2021 1:45 am


FIN11 e-crime group shifted to CL0P ransomware and big game hunting

Derek B. Johnson reports: The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise...
More details.

Posted on 17 January 2021 12:21 am


Hacker Blows Chance at Early Release By Hacking More

Image: The Federal Correctional Institution, Terre Haute, Indiana (Source: Bureau of Prisons). The U.S. Department of Justice has charged Ardit Ferizi, a Kosovo citizen, with fraud and identity theft, accusing him of continuing to commit various cybercrimes while he was behind bars and serving a 20-year...
More details.

Posted on 16 January 2021 8:51 pm


Undisclosed Apache Velocity XSS vulnerability impacts GOV sites

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA and NOAA. Although 90 days have elapsed since the vulnerability was reported and patched, BleepingComputer is not aware of a formal disclosure made by the project...
More details.

Posted on 16 January 2021 8:33 pm


NA - CVE-2021-21247 - OneDev is an all-in-one devops platform. In...

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pages other than the login page...
More details.

Posted on 16 January 2021 5:04 am


WhatsApp Web users must drop everything for this; your phone number could be exposed

As WhatsApp faces intense scrutiny over its upcoming data and privacy policy in India and elsewhere, another user data violation has been reported, this time on the WhatsApp on Desktop (Web) application, allegedly exposing personal mobile numbers via indexing on Google Search...
More details.

Posted on 16 January 2021 4:14 am


NSA Appoints Rob Joyce as Cyber Director

Joyce will replace Anne Neuberger, who this week was appointed Deputy National Security Advisor for Cyber and Emerging Technology for the National Security Council (NSC), the incoming Biden administration announced...
More details.

Posted on 16 January 2021 3:48 am


Hackers leaked altered Pfizer data to sabotage trust in vaccines

The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines...
More details.

Posted on 16 January 2021 3:48 am


Managing Cybersecurity Costs: Bake These Ingredients Into Your Annual Budget

As businesses across all industries evolve, once discretionary expenses become operating costs. Insurance coverage, for example, is pretty much ‘a must’ across many industries...
More details.

Posted on 16 January 2021 1:57 am


IT Security Trends in the Era of COVID: Our Top Five Tips for Making Your Network Safer in 2021

As the COVID era drags on, it is clear that work life “post-COVID” may be very different from life “pre-COVID.” This is especially true as it relates to IT security. More and more employees have shifted to a telecommuting work model, and for many businesses that may be the case for an indefinite period of time...
More details.

Posted on 15 January 2021 11:53 pm


Biden Inauguration: Defending Against Cyberthreats

Photo: Virginia National Guard. As thousands of National Guard troops pour into Washington to provide security for the Jan. 20 inauguration of Joe Biden as president, cybersecurity analysts are calling attention to the need to defend against cyber incidents as well...
More details.

Posted on 15 January 2021 10:44 pm


Joker's Stash, a forum for stolen data, says it will shut down within 30 days

Written by Jeff Stone, Jan 15, 2021 | CYBERSCOOP. An administrator of a notorious forum for stolen payment data and illicitly obtained personal information says they will shutter the site in 30 days...
More details.

Posted on 15 January 2021 9:42 pm


Misconfigurations: A Hidden but Preventable Threat to Cloud Data

Working in the cloud has many advantages. But to handle your information safely, you should know how to defend against the common problem of misconfigurations leaving cloud data open to thieves. What are the Benefits of Cloud Computing? Many groups are expanding their use of the cloud...
More details.

Posted on 15 January 2021 6:36 pm


NSA Offers Guidance on Adopting Encrypted DNS

The U.S. National Security Agency has released guidance on how organizations can adopt encrypted domain name system protocols to prevent eavesdropping and manipulation of DNS traffic. Although the agency's report is geared toward the military and defense contractors, its recommendations can be adopted in all sectors...
More details.

Posted on 15 January 2021 5:39 pm


Verified Twitter accounts hacked in $580k ‘Elon Musk’ crypto scam

Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active. There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk...
More details.

Posted on 15 January 2021 5:17 pm


Ransomware Disrupts Scottish Environment Protection Agency

Conti's data leak site claims to have now published 7% of the files it stole from SEPA (Source: Kela). The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data...
More details.

Posted on 15 January 2021 1:44 pm


Smartphone giant Xiaomi reels as US ramps up China blacklist

Shares in Xiaomi collapsed on Friday after the United States blacklisted the smartphone giant and a host of other Chinese firms as the Trump administration aims to cement its trade war legacy against Beijing...
More details.

Posted on 15 January 2021 1:38 pm


Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

January 15, 2021, GIXnews. Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware, including a previously undocumented backdoor...
More details.

Posted on 15 January 2021 1:22 pm


NZ central bank governor apologises after cyberattack resulted in serious data breach - ETCIO.com

The head of the Reserve Bank of New Zealand (RBNZ) apologised on Friday after a recent cyberattack led to a serious data breach at the central bank, and brought in an independent investigator to review the incident...
More details.

Posted on 15 January 2021 12:55 pm


SolarWinds Supply Chain Hack: Investigation Update

Also: Security Education in 2021; How to Retain SOC Talent. January 15, 2021. 11 minutes. The latest edition of the ISMG Security Report describes new details emerging from the SolarWinds supply chain hack investigation...
More details.

Posted on 15 January 2021 9:57 am


SolarLeaks Selling Alleged Source Code from Microsoft, Cisco | Avast

January 15, 2021, GIXnews. Various sensitive source codes belonging to Microsoft, Cisco, FireEye, and network management company SolarWinds are allegedly for sale on a website called SolarLeaks. The site was launched this week, about a month after a cyberattack on SolarWinds that led to a supply chain attack impacting 18,000 customers...
More details.

Posted on 15 January 2021 8:51 am


Securing the "New Tomorrow" in Financial Services

As we begin 2021, many financial services companies are turning their attention to planning for the future - this means adapting to a hybrid workforce and a much greater reliance on cloud for operational efficiencies...
More details.

Posted on 15 January 2021 8:41 am


Home Office accidentally DELETES 150,000 fingerprint, DNA and arrest records from police databases

However, the omissions would appear to at least impinge on police power to reopen investigations should more evidence come to light in certain cases. He said in a statement: 'The Home Secretary must take responsibility for this serious problem...
More details.

Posted on 15 January 2021 6:55 am


CVE-2020-29494

Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the arbitrary files stored on the server filesystem, causing deletion of arbitrary files...
More details.

Posted on 15 January 2021 6:06 am


GeekWire - Information, Cyber, Network Security News.

Ministry of Defence’s cyber warfare drive is helping burn a hole through its budget, warns UK’s National Audit Office. The Ministry of Defence’s multibillion budget overrun has been caused in part because of its spending splurge on flashy new “cyber” capabilities, according to the National Audit Office...
More details.

Posted on 15 January 2021 5:27 am


NA - CVE-2020-29493 - DELL EMC Avamar Server, versions 19.1, 19.2,...

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorized read and write access to application data...
More details.

Posted on 15 January 2021 5:00 am


Warning as hackers breach MFA to target cloud services

According to CISA, it has verified one of the users had their account breached even though they were using “proper multi-factor authentication (MFA).” Last year, it was reported that threat actors have been using legitimate tools to compromise Cloud-based assets...
More details.

Posted on 14 January 2021 11:08 pm


5 Cybersecurity Best Practices For Planning Ahead

Putting best practices in place is the most efficient way to combat cybersecurity threats. But that’s easier said than done, as there are a lot of forces working against our best efforts. The talent shortage looms the largest; there simply aren’t enough qualified cybersecurity experts out there to provide organizations a strong foundation...
More details.

Posted on 14 January 2021 10:57 pm


AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

Original release date: January 8, 2021. Summary. This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
More details.

Posted on 8 January 2021 4:36 pm


AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Original release date: December 17, 2020 | Last revised: January 7, 2021. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020...
More details.

Posted on 17 December 2020 3:00 pm


AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data

Original release date: December 10, 2020. Summary. This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC)...
More details.

Posted on 10 December 2020 5:00 pm


AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Original release date: December 1, 2020. Summary. This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
More details.

Posted on 1 December 2020 6:00 pm


AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Original release date: October 30, 2020 | Last revised: November 3, 2020. Summary. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework...
More details.

Posted on 30 October 2020 6:11 pm


AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector

Original release date: October 28, 2020 | Last revised: November 2, 2020. Summary. This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection...
More details.

Posted on 28 October 2020 11:07 pm


AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

Original release date: October 27, 2020. Summary. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques...
More details.

Posted on 27 October 2020 5:00 pm


AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

Original release date: October 22, 2020. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U...
More details.

Posted on 22 October 2020 4:00 pm


AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

Original release date: October 22, 2020 | Last revised: December 1, 2020. Summary. This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework...
More details.

Posted on 22 October 2020 12:44 pm


AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Original release date: October 9, 2020 | Last revised: October 24, 2020. Summary. This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework...
More details.

Posted on 9 October 2020 8:21 pm


Robot Motion Servers

This Alert contains a public report of a Remote Code Execution vulnerability affecting robot motion servers written in OEM exclusive programming languages running on the robot controller.
More details.

Posted on 4 August 2020 2:10 pm


SweynTooth Vulnerabilities

This ALERT details vulnerabilities in SweynTooth's Bluetooth Low Energy (BLE) proof-of-concept (PoC) exploit code. This report was released without coordination with some of the affected vendors and without advance coordination with CISA...
More details.

Posted on 3 March 2020 3:20 pm


Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A)

This updated alert is a follow-up to the original alert titled ICS-ALERT-19-225-01 Mitsubishi Electric smartRTU and INEA ME-RTU that was published August 13, 2019, on the ICS webpage on us-cert.gov. CISA is aware of a public report of a proof-of-concept (PoC) exploit code vulnerability affecting Mitsubishi Electric smartRTU devices...
More details.

Posted on 10 September 2019 2:30 pm


CAN Bus Network Implementation in Avionics

CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft...
More details.

Posted on 30 July 2019 1:00 pm


DICOM Standard in Medical Devices

NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information...
More details.

Posted on 11 June 2019 4:15 pm


Meltdown and Spectre Vulnerabilities (Update J)

This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
More details.

Posted on 11 January 2018 5:51 pm


WAGO PFC200

NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port...
More details.

Posted on 7 December 2017 9:11 pm


Eaton ELCSoft Vulnerabilities

NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process...
More details.

Posted on 4 August 2017 7:11 pm


CAN Bus Standard Vulnerability

NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard...
More details.

Posted on 28 July 2017 7:34 pm


CRASHOVERRIDE Malware

CRASHOVERRIDE, aka Industroyer, is the fourth family of malware publicly identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers...
More details.

Posted on 25 July 2017 4:45 pm


